By: Ty Purcell (GCIH, GPEN, GWAPT)
Publication: The Colorado Banker , September/October 2017
It seems that every week a news story appears detailing new hacking activity originating from organized groups with interesting names such as Energetic Bear, Rocket Kitten, Crouching Yeti, Night Dragon and Sad Panda. While these names are colorful, the groups they are associated with are deadly serious. One might think that these groups are interested only in government or military secrets. However, businesses from all sectors are subject to attack. Successful compromises have been detected in areas such as power and water utilities, communications, and in business holding personal identifying information. The motivations behind these attack groups are tied to political, commercial, and security needs. When considering this, it becomes obvious that all businesses and many individuals have information that would be valuable to the groups. Making the problem more complex, many organizations do not realize they are compromised until they are notified by an external source, usually law enforcement.